Biggest data leaks for 2011 and how to safeguard information going forward

2011 was another big year for hackers. But hackers aren’t always responsible for data loss. However, in the case of different gaming sites, hackers were able to steal account information of over 38 million users. Other times, organizations make the mistake of not securing their physical property from theft or safeguarding their backups with encryption. In this article, we’ll explore four of the biggest security breaches for 2011 and explain how eFileCabinet will keep your data safe.

Hackers Compromised 38 Million Users of Gaming Sites

One of the biggest Chinese software developers “Chinese Software Developer Network” (CSDN) got hacked, compromising six million user accounts. Duowan, another gaming website, was also hacked, which affected over eight million users.

Seven-thousand lost data for 20 million users. Hackers also breached 178.com where they accessed over 10 million user accounts.

The CSDN leak included user names, passwords, and email addresses for every one of those six million accounts. Fortunately, the police arrested a suspect with the last name of Zeng in this case. However, other hackers seem to be involved with the security breaches affecting the other gaming sites.

Later, CSDN was punished by the Bejing police for not properly protecting its database. The company issued an official apology and assured its customers that their information was properly secured as of September 2010.

Theft of Computer Puts Spartanburg Health Care Patients at Risk

Over 400,000 patients were affected when thieves decided to steal a computer belonging to Spartanburg Regional Healthcare System. The information about this theft is not clear. One source states that the theft involved a desktop computer while other sources state that a laptop was stolen from an employee’s car.

According to the company, the employee was authorized to have the computer in his possession. But the computer reportedly contained a password-protected file with names, social security numbers, addresses, dates of birth, and medical billing codes for over 400,000 patients.

Spartanburg sent a letter to the affected individuals and offered them the now-customary free year of credit monitoring services. Of course, Spartanburg also assured its patients that there has been no evidence of misuse.

Keeping data on a laptop is one thing, but keeping the sensitive information protected with only a password is obviously not okay. By now, most healthcare organizations must know that their records are a huge target for hackers. The least they can do is encrypt the information to keep it safe from unauthorized access.

London Researchers Lose Data on 8 Million People

London Health Programmes is an organization that is currently reviewing care procedures for a variety of health issues, including cancer and tuberculosis. The organization is part of the National Health Service (NHS) in England.

According to the official reports, NHS researchers lost 20 laptops that simply went missing from one of their storage rooms. The laptops contained sensitive information about patients. While the data didn’t include names, it did, however, list age, gender, ethnic origin, and postal codes for statistical analysis. And since the data wasn’t encrypted, it would be easy to find out who the people really are. The only thing that is protecting the data is a password for the laptop, which is fairly easy to crack for an experienced hacker.

The good news is that eight of the missing laptops have since been recovered. However, the organization didn’t explain where they were found. For Londoners, this could be devastating. After all, if the laptops get into the wrong hands, someone could use this personal information against them.

Stolen Backup Tapes Affect 1.6 Million Nemour Patients

Sometimes an organization can take every precaution to protect data and still fail. In the case of the Delaware branch of the Nemour Foundation, three backup tapes containing information about 1.6 million patients were lost.

The tapes covered information from 1994 to 2004. It included names, addresses, birth dates, social security numbers, insurance information, medical treatment information, and direct deposit bank account information. And the tapes were not encrypted.

That’s pretty devastating as far as breaches go. However, the hospital did have the tapes locked up and inaccessible, which is recommended under HIPAA (Health Insurance Portability and Accountability Act).

Of course, when it comes to data in electronic format, it’s important to encrypt it. Using encryption technologies makes it quite impossible for hackers to get the data. That’s because secure encryptions require so much computing power that it would take more than a lifetime to decipher.

How We Keep Your Data Secure

When it comes to cyber-security, we find that encryption is required for all types of data. At eFileCabinet, we encrypt every document you save on our servers, just in case. Even if someone was able to intercept your connection while you’re viewing them online, they still wouldn’t find them useful. But if you’re still keeping backup tapes or hard drives in a locked cabinet, you’ll have to make sure they’re encrypted as well.